- previously, aa-status --json --show profiles would return non-standard json
- adding the --pretty flag would crash completely
- closes #470
Things done:
- removed trailing ", " in json generation
- generate json separator (", ") for each new json field (profiles/processes) after the header if json is enabled
Tested on NixOS and apparmor 4.0.3 base, but should work on any version the patch applies on.
Unfortunately aa_status did not support translations. Add a base support
and the initial pot file. There are no translations done at this time.
Signed-off-by: John Johansen <john.johansen@canonical.com>
aa_load was missing a pot file for translations. Add a pot file for
aa_load and sync it to the code.
Signed-off-by: John Johansen <john.johansen@canonical.com>
POSIX states that d_name has up to NAME_MAX (255) characters, and glibc
stores d_name as an array of size NAME_MAX+1 (256). Thus, supplying
PATH_MAX (4096) as the max length could trigger a buffer overrun. This
could be an even bigger issue on other libcs, as POSIX states that d_name
can be unsized.
Fortunately, this does not seem to cause actual issues, as the length is
only used to compare d_name to a short fixed string. However, it'd be better
to pass the actual correct max length to strnlen.
Signed-off-by: Ryan Lee <ryan.lee@canonical.com>
The short form of the help parameter was not accepting an optional
argument as described in the help message. Update the help message to
remove the extra whitespace in between -h and the options since
getopt(1) says that
"If the option has an optional argument, it must be written directly
after the option character if present."
even though that's not described in getopt(3).
Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
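The getopt(1) rule quoted in this commit is easy to verify in a few lines. The following is an added example, not aa-status's own option parsing: a parser that accepts -h/--help with an optional argument ("h::" and optional_argument) and reports whether the argument was picked up. The function name parse_help and the "filters" argument value are assumptions for the example.

```c
#include <getopt.h>
#include <stddef.h>
#include <string.h>

/* Parse argv for -h/--help, whose argument is optional ("h::", optional_argument).
 * Returns 1 if help was requested, 0 if not, -1 on an unrecognised option.
 * *helparg is set to the optional argument, or NULL when none was attached. */
int parse_help(int argc, char **argv, const char **helparg)
{
    static const struct option longopts[] = {
        { "help", optional_argument, NULL, 'h' },
        { NULL, 0, NULL, 0 }
    };
    int seen = 0, c;

    *helparg = NULL;
    optind = 0;   /* glibc: the value 0 forces a full re-initialisation between calls */
    opterr = 0;   /* keep getopt quiet; the caller reports errors */
    while ((c = getopt_long(argc, argv, "h::", longopts, NULL)) != -1) {
        if (c != 'h')
            return -1;
        seen = 1;
        *helparg = optarg;   /* NULL for a bare -h, even if a word follows it */
    }
    return seen;
}
```

With this parser "-hfilters" and "--help=filters" deliver "filters" as the argument, while "-h filters" leaves "filters" behind as an operand and sets the argument to NULL, which is exactly why the help text must not show a space between -h and its optional argument.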
The help message from aa-status referenced -h filter when it should
have been -h filters. Also added some whitespaces for consistency.
Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
Using dfprintf for error messages subjects them to the other
output controls and can cause them to be suppressed when they
shouldn't.
Instead use a dedicated error function and add a quiet flag to
allow silencing errors.
Signed-off-by: John Johansen <john.johansen@canonical.com>
By default aa-status outputs with --verbose enabled - if --json is also
specified then aa-status would currently output in its first line "apparmor
module is loaded.":
aa-status --json | head -n1
apparmor module is loaded.
And only after this the actual json output would follow. This then results in
failures to parse this JSON output:
aa-status --json | jq .
parse error: Invalid numeric literal at line 1, column 9
This in turn then breaks tools / tests which expect the output of aa-status
--json to be purely json - e.g:
https://salsa.debian.org/apparmor-team/apparmor-profiles-extra/-/blob/debian/unstable/debian/tests/policy-is-loaded#L12
So ensure dprintf() etc do not output when --json is specified to restrict the
output of aa-status to pure JSON.
Signed-off-by: Alex Murray <alex.murray@canonical.com>
Dir "d" is not closed when asprintf fails.
Found by coverity: CID 321416: Resource leaks (RESOURCE_LEAK)
Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
aa-load is a tool that loads cached (compiled) policies into
the kernel. It can receive as argument a file, a cache directory
containing the hash subtree, and a directory containing cached
files directly underneath - no hash.
This tool can be used as a guide for other init
systems to load the cached policies directly.
MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/770
Approved-by: John Johansen <john@jjmx.net>
Merged-by: John Johansen <john@jjmx.net>
In some cases (if profiles in complain and enforce mode are loaded), the
`i` loop runs more than once, which also means `j == 0` is true in the
middle of the json. This causes invalid json.
This patch fixes this.
This is a regression related to 22aa9b6161
/ https://gitlab.com/apparmor/apparmor/-/merge_requests/964 /
https://gitlab.com/apparmor/apparmor/-/issues/295
which fixed another case of invalid json if a process was unconfined
while having a profile defined.
Note: I also tested this patch for the "unconfined, but has a profile
defined" case to ensure it doesn't break what
22aa9b6161 fixed.
To emphasize that the
--mode
--processes
--profiles
--pid
options are filters rename them to
--filter.mode
--filter.processes
--filter.profiles
--filter.pid
Signed-off-by: John Johansen <john.johansen@canonical.com>
Add the basic infrastructure for adding regex based filters and
allow filtering process and profiles by mode based on a user supplied
filter.
Signed-off-by: John Johansen <john.johansen@canonical.com>
So that the user can control the set of data being shown add a --show
flag. Currently it allows showing
all
profiles
processes
Signed-off-by: John Johansen <john.johansen@canonical.com>
In preparation for new options and controls, split detailed_output()
into detailed_profiles() and detailed_processes(), and switch the
output processing to one larger pass that uses option flags.
This doesn't change current behavior and is not as clean as the
current code for the current option set. However, it will allow us to
easily add new options in one place and have them apply correctly
everywhere.
Signed-off-by: John Johansen <john.johansen@canonical.com>
Make it so the output options that count profiles and processes can
be output to a file.
This does not add a user option to do so
Signed-off-by: John Johansen <john.johansen@canonical.com>
For detailed output split up where output is going from whether json
is being produced.
This also allows non-json output to go to a file.
Signed-off-by: John Johansen <john.johansen@canonical.com>
As reported in issue #295, the json output from aa-status would be invalid if
there were profiles defined for processes that were unconfined. Fix this by
ensuring the json for the processes array is closed properly.
Signed-off-by: Alex Murray <alex.murray@canonical.com>
This fixes a crash when a profile name contains a \n character which
breaks profile name parsing. The fix is minimal in that it ignores
the bad profile name and continues processing.
Ideally this name would not exist and is indicative of a bug in the kernel.
Fixes: https://gitlab.com/apparmor/apparmor/-/issues/211
MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/824
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Christian Boltz <apparmor@cboltz.de>
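To show the "skip the bad name and keep going" strategy this commit describes, here is an added example (not aa-status's parser) for a line-oriented "name (mode)" listing: a line that does not carry a trailing " (mode)", as happens for the fragments left behind when a name contains a newline, is ignored instead of aborting the whole parse. The struct layout, field sizes and function name are assumptions, and the input in the test is constructed.

```c
#include <stddef.h>
#include <string.h>

struct entry {
    char name[128];
    char mode[32];
};

/* Parse "name (mode)" lines. A line without a trailing " (mode)" (for example
 * the fragments produced by a name containing '\n') is skipped rather than
 * treated as fatal. Returns the number of entries stored in out[]. */
size_t parse_profiles(const char *text, struct entry *out, size_t max)
{
    size_t count = 0;
    const char *line = text;

    while (*line && count < max) {
        const char *nl = strchr(line, '\n');
        size_t len = nl ? (size_t)(nl - line) : strlen(line);
        const char *open = NULL;

        if (len >= 3 && line[len - 1] == ')') {
            /* locate the last " (" before the closing parenthesis */
            for (const char *p = line + len - 2; p > line; p--) {
                if (p[0] == '(' && p[-1] == ' ') {
                    open = p;
                    break;
                }
            }
        }
        if (open) {
            size_t nlen = (size_t)(open - 1 - line);
            size_t mlen = (size_t)(line + len - 1 - (open + 1));

            if (nlen > 0 && nlen < sizeof(out[count].name) &&
                mlen < sizeof(out[count].mode)) {
                memcpy(out[count].name, line, nlen);
                out[count].name[nlen] = '\0';
                memcpy(out[count].mode, open + 1, mlen);
                out[count].mode[mlen] = '\0';
                count++;
            }
        }
        if (!nl)
            break;
        line = nl + 1;
    }
    return count;
}
```

The cost of the lenient approach is silent loss of the malformed entry, which is why the commit message notes that such a name points at a kernel bug rather than something userspace should paper over permanently.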
The variable used to store the file descriptor for the --file ended up
being declared twice, resulting in the autoclose attribute attached to
the first declaration being removed by the shadowed second declaration.
Fix this by converting the second declaration to just be an assignment,
as was intended.
strace output before:
[...]
) = 1925
close(1) = 0
exit_group(0) = ?
+++ exited with 0 +++
strace output after removing shadow declaration:
) = 1925
close(1) = 0
close(3) = 0
exit_group(0) = ?
+++ exited with 0 +++
(File descriptor 3 is what is returned by the open() call on the
--file argument.)
Signed-off-by: Steve Beattie <steve.beattie@canonical.com>
Acked-by: John Johansen <john.johansen@canonical.com>
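The shadowing bug in this commit is worth seeing in isolation, because the compiler accepts it without complaint unless -Wshadow is enabled. The following is an added example, not aa-features-abi's code: the same cleanup-attribute pattern in a buggy and a fixed shape, each returning the descriptor number so a caller can check whether it was closed. The autoclose macro, handler and function names are assumptions; the same pattern covers a DIR* with closedir on error paths.

```c
#include <fcntl.h>
#include <unistd.h>

/* Cleanup handler: close the descriptor when the variable leaves scope. */
static void autoclose_fd(int *fd)
{
    if (*fd >= 0) {
        close(*fd);
        *fd = -1;
    }
}
#define autoclose __attribute__((cleanup(autoclose_fd)))

/* Buggy shape: a second `int fd` in an inner block is a new variable without
 * the cleanup attribute, so the descriptor actually opened is never closed.
 * Returns the descriptor number so the caller can inspect its state. */
int open_with_shadowed_fd(const char *path)
{
    autoclose int fd = -1;
    int opened;
    {
        int fd = open(path, O_RDONLY);   /* BUG: shadows the autoclose variable */
        opened = fd;
    }
    return opened;   /* cleanup runs on the outer fd, which is still -1 */
}

/* Fixed shape: plain assignment keeps the descriptor in the attributed
 * variable, so it is closed when the function returns. */
int open_with_autoclose(const char *path)
{
    autoclose int fd = -1;

    fd = open(path, O_RDONLY);
    return fd;   /* the return value is read first, then the cleanup closes fd */
}
```

Running either under strace, as the commit did, shows the difference as the presence or absence of the close(3) line before exit_group; fcntl(fd, F_GETFD) gives the same answer programmatically.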
MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/804
The aa-features-abi -f short argument was not added to the
getopt_long() set of short arguments, resulting in the command
incorrectly failing like so:
$ ./aa-features-abi -f /etc/apparmor.d/abi/3.0
./aa-features-abi: invalid option -- 'f'
USAGE: ./aa-features-abi [OPTIONS] <SOURCE> [OUTPUT OPTIONS]
[...]
The long --file option works as expected.
Fix this by adding f to the set of short arguments passed to
getopt_long().
Signed-off-by: Steve Beattie <steve.beattie@canonical.com>
Acked-by: John Johansen <john.johansen@canonical.com>
MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/804
aa-load is a tool that loads cached (compiled) policies into
the kernel. It can receive as argument a file, a cache directory
containing the hash subtree, and a directory containing cached
files directly underneath - no hash.
This tool can be used as a guide for other init
systems to load the cached policies directly.
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
Fix spelling errors in code strings. Some strings are translatable.
These fixes are potentially user visible.
Signed-off-by: Steve Beattie <steve.beattie@canonical.com>
Acked-by: Christian Boltz <apparmor@cboltz.de>
MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/687
add limits.h
aa_status.c:269:22: error: 'PATH_MAX' undeclared (first use in this function); did you mean 'AF_MAX'?
| 269 | real_exe = calloc(PATH_MAX + 1, sizeof(char));
Signed-off-by: Armin Kuster <akuster808@gmail.com>
It tries to create a symlink before the man pages are installed.
ln -sf aa-status.8 /(path}/apparmor/3.0-r0/image/usr/share/man/man8/apparmor_status.8
| ln: failed to create symbolic link '{path}/apparmor/3.0-r0/image/usr/share/man/man8/apparmor_status.8': No such file or directory
...
install -d /{path}/apparmor/3.0-r0/image/usr/share/man/man8 ; install -m 644 aa-status.8 /{path}/apparmor/3.0-r0/image/usr/share/man/man8;
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Add a basic tool for manipulating the apparmor features abi via
libapparmor. This serves as a basic tool and as an example of using
the library api.
Currently its function is limited to extracting the kernel feature
abi and loading a feature abi from a file and then outputting it.
In the future it will pick up the ability to verify the feature
abi, and merge feature abis.
MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/613
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Steve Beattie <steve.beattie@canonical.com>
aa_status.c: In function ‘get_processes’:
aa_status.c:236:10: warning: unused variable ‘len’ [-Wunused-variable]
size_t len = 0;
^~~
MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/561
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Steve Beattie <sbeattie@ubuntu.com>
Cleanup unused var warning
aa_enabled.c: In function ‘exit_with_error’:
aa_enabled.c:34:6: warning: unused variable ‘err’ [-Wunused-variable]
int err;
MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/561
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Steve Beattie <sbeattie@ubuntu.com>
Define EXTRA_WARNINGS in the common/Make.rules helper so that adding
additional warnings can be done in one(-ish) location, and replace
locally defined C compiler warning flags with EXTRA_WARNINGS in most
locations in the build tree.
v2: issue a warning for any compiler option that the compiler does not
support
Signed-off-by: Steve Beattie <steve.beattie@canonical.com>
... so that - if someone calls aa-status from the command line - the next prompt doesn't get displayed in the same line as the json output.
MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/541
Acked-by: Steve Beattie <steve.beattie@canonical.com>
Acked-by: John Johansen <john.johansen@canonical.com>
If multiple -p/--profile or -n/--namespace parameters are given to
aa-exec, they are handled on a "last one wins" base.
This probably isn't expected behaviour, and erroring out in case of
conflicting parameters probably makes more sense.